package com.example.demo.controller.admin;

import com.example.demo.entity.sysuser.SysUser;
import com.example.demo.service.SysUser.SysUserService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.annotation.Resource;
import javax.servlet.http.HttpSession;

/**
 * 不使用security就要自己写登录和注销
 * 否则不能写登录和注销
 */
@Controller
@RequestMapping("/admin")
public class AdminLoginController {
    @Resource
    SysUserService sysUserService;
    @Resource
    BCryptPasswordEncoder passwordEncoder;
//    @GetMapping("/login")
//    public String login() {
//        return "/admin/login";
//    }
//    @PostMapping("/login")
//    public String login(String username, String password, Model model, HttpSession session) {
//        SysUser sysUser = sysUserService.findByUserName(username);
//        if(sysUser == null) {
//            model.addAttribute("error","用户不存在");
//            return "/admin/login";
//        }
//        if(!passwordEncoder.matches(password,sysUser.getPassword())) {
//            model.addAttribute("error","密码不正确");
//            return "/admin/login";
//        }
//        //保存用户到session
//        //sysUser关联了角色,角色又关联了权限
//        //所以在页面上可以通过循环该用户获取其权限(菜单)
//        //如果使用mybatis，你应该在service中查询该用户时
//        // 就设置好了他的角色和权限{用户对应的属性（或方法上）}
//        session.setAttribute("sysUser", sysUser);
//        return "redirect:/admin/index";
//    }
//    @GetMapping("/logout")
//    public String logout(HttpSession session) {
//        session.invalidate();
//        return "/admin/login";
//    }
}
